January 12, 2012
The transformation of Command and Control in U.S. Air Force Cyber Vision
An interesting entry appeared on National Defense, discussing the approach undertaken by U.S. AirForce on cyber warfare. The article illustrates how the U.S. Air Force is working toward an Air Force Cyber Vision 2025 study that will look at state-of-the-art and best practices in the near term (2012-2015) to the long term in 2025.
Such initiative is linked with a specific Request for Information, issued on last January 11th by the U.S. Department of the Air Force, in which the interested parties are asked to submit all the information that is required to support the U.S. service in shaping the needs that will be required for cyberspace exploitation, defense, and operations.
Command and Control in the Cybersphere
According to the above mentioned RFI, U.S. Air Force is seeking information on revolutionary hardware and software cyber technology and systems as well as innovative Tactics, Techniques, and Procedures (TTP) that will support, augment and in some cases extend mission range and scope. In addition, U.S. Air Force is interested in operational innovations that provide immediate and long-term applicable, cost-effective operational capability and technological superiority for Air Force operations. Also of interest are enabling mission support elements and supporting best practices that provide the foundation for cyber capabilities across the other domains.
In such context, a special interest for U.S. Air Force is related on how the exercise of Command and Control is conducted in and through cyberspace. It appears in fact that the practice of procedural versus positive control over air assets and the time scales of the C2 planning and execution cycles do not translate well to cyberspace where decision cycles hover around a fraction of a second. Conversely, placing cyber assets under procedural control requires the incorporation of a set of previously agreed upon rules for a broad range of future scenarios.
Integrated planning must take into consideration the challenges of cyberspace deconfliction, Identification of Friend or Foe (IFF) procedures and the potential of cyber fratricide and cross-domain (air/space/cyber) fratricide. The ability to tag and identify cyber assets and to continuously ascertain their status and integrity creates technical challenges unique to cyberspace.
Simply porting technologies developed for C2ISR in the air and space domain may not be directly applicable or useful in the cyber domain. At the same time, today cyber defense philosophies make little use of military strategy and tactics. Military commanders know that there are times when the best defensive strategy is to take the offensive. They also know the value of the tactics of deception and maneuver. The fact that cyber defense philosophies, such as the defense-in-depth philosophy, do not take advantage of offensive operations, or use the tactics of deception and maneuver, inhibits the defenders from being as effective as the attackers. Current cyber defense strategies tend to be static and their tactics tend to be reactive. The trend is to build layers of static defenses in the hope that every attack will be defeated by at least one of the layers. When this fails, there is a reaction that consists of determining where and how the defenses were penetrated, patching the defenses to stop future similar penetrations, and restoring the system to a coherent state.
The integration of kinetic assets and the effects they produce are also at a formative stage. C2 capabilities for monitoring, assessing, planning, and executing cyber operations need to be designed, developed, and implemented to be interoperable with existing air and space capabilities. The U.S. Air Force is thus interested in novel and unique approaches to enable C2ISR in an environment that is not constrained by time, distance, and geographical boundaries.
In this framework, new modeling and simulation (M&S) approaches appear critical to integrating cyber techniques into military operations. M&S tools need to assess effectiveness of cyber capabilities and actions for operations, planning, acquisition, and testing. together with evaluation tools that can capture the effects of combined kinetic and non-kinetic operations.
References: National Defense (1), FBO.gov (2), DoDCCRP (3)